TTL expired?

Roger Dingledine arma at mit.edu
Tue Mar 6 21:39:28 UTC 2007


On Tue, Mar 06, 2007 at 10:09:49PM +0100, Juliusz Chroboczek wrote:
> I've just switched to 0.1.2.8, and when trying to access a hidden
> service that doesn't exist, I'm getting SOCKS 5 error number 6
> ``TTL expired''.
> 
> That's a somewhat unexpected error -- I'd expect to get error 4 ``host
> unreachable''.

You're right: I've changed line 471 of rendclient.c so it'll use
END_STREAM_REASON_RESOLVEFAILED rather than END_STREAM_REASON_TIMEOUT,
which will result in a socks5 error 4 (host unreachable).

But there's a deeper issue, which is that we return socks5 error 6 (ttl
expired) for cases of END_STREAM_REASON_TIMEOUT, and this is probably
wrong. What's happening on Tor's side is that it's trying to build or
find a suitable circuit for the stream, but it gives up after a few
minutes and tells you you're out of luck.

Is this a host unreachable case or a network unreachable case? As far as
I can tell, the socks5 error messages are totally undocumented beyond
the short phrase for each one. I did find Some Guy On The Internet who
speculated a few more details:
http://socksipy.sourceforge.net/readme.txt

None of these fit the "we timed out without even trying to make the
connection" case in Tor, but host unreachable and network unreachable
seem closest. Anybody have a good rationale for one over the other?

--Roger



More information about the tor-talk mailing list